General
- Target: 75d85fc34ed91e2de083d9342c41e2966bce7beab75732e3e1316ee62e550e9c
- Size: 5.9MB
- Sample: 211221-wvvbvafbam
- MD5: 24d7b3e065cb0570a44a101641acd8b4
- SHA1: 7f71838113850cf07bebfe1da7a9211a7119a579
- SHA256: 75d85fc34ed91e2de083d9342c41e2966bce7beab75732e3e1316ee62e550e9c
- SHA512: a7b9258d1e65f95461bbbb70169d29697c33e9ef348f850a76d866d9163f6e657275267a7b11f0a4032b3471d47095c471b0a22a7b9aacb432e912138cc40bbf
Static task: static1
Behavioral task: behavioral1
- Sample: 75d85fc34ed91e2de083d9342c41e2966bce7beab75732e3e1316ee62e550e9c.exe
- Resource: win10-en-20211208
Malware Config
Extracted: redline
- 444
- 31.131.254.105:1498
Targets
- Target: 75d85fc34ed91e2de083d9342c41e2966bce7beab75732e3e1316ee62e550e9c
- Size: 5.9MB
- MD5: 24d7b3e065cb0570a44a101641acd8b4
- SHA1: 7f71838113850cf07bebfe1da7a9211a7119a579
- SHA256: 75d85fc34ed91e2de083d9342c41e2966bce7beab75732e3e1316ee62e550e9c
- SHA512: a7b9258d1e65f95461bbbb70169d29697c33e9ef348f850a76d866d9163f6e657275267a7b11f0a4032b3471d47095c471b0a22a7b9aacb432e912138cc40bbf
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine Payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Suspicious use of SetThreadContext